Engineer Systems III, SEY3/ CND - Fort Meade, United States - Peraton

Peraton, Fort Meade, United States

Posted 2 weeks ago

Description

Are you looking for an Engineer Systems III, SEY3/ CND / Incident Response Analyst role?

    This is what you'll get to do:

Architecture, administration, and operation of comprehensive monitoring solutions for enterprise networks, hosts, and users for the detection, monitoring, and removal of threats as directed by the appropriate authority.
Integration and management of SIEM and SOAR platforms, such as Elastic, Splunk, Sentinel, and other open-source or government-provided solutions.
Creation and maintenance of comprehensive incident response playbooks to streamline response activities, ensuring consistent and efficient responses.
Correlation of data from multiple sources, including host, network, user, and intelligence reports, to uncover threats.
Collection, aggregation, and interpretation of log data from various sources.
Configuration, management, and optimization of Network Intrusion Detection Systems and Host-based Intrusion Detection Systems, including fine-tuning security rule sets for tools such as Suricata, Snort, YARA, and Sigma.
Deep packet inspection and identification of malicious traffic using packet analysis tools such as Wireshark or NetworkMiner.
Hardware configuration and design of deployable network kits, including switches, routers, taps, hypervisors, and network storage devices, to ensure seamless integration and optimal performance.
Analysis of the current state of organizational cyber security policies, certification and accreditation packages, programs, and procedures, and provision of expert recommendations for improvement based on industry best practice.
Implementation and maintenance of firewalls, VPNs, and security controls to secure a network's perimeter.
Static and dynamic malware analysis to determine the function of unknown binaries and identify unique characteristics, leading to the development of indicators of compromise.
Advanced network and host forensic techniques, such as dead disk forensics, memory forensics, and registry forensics, using tools such as KAPE, Autopsy, Volatility, FTK, and EnCase.
Threat hunting to identify advanced persistent threats and zero-day vulnerabilities using various threat hunting methodologies.
Cyber Threat Emulation to assess security tools, test mitigations, evaluate controls, and evaluate local defender procedures in a controlled environment.
Training and development of CPT personnel on foundational areas such as network and host analysis, JQR, Mission Qualification, and KSAs related to their assigned work role.
Application of DCO and Offensive Cyber Operations (OCO) concepts to mission analysis, using them to develop concepts of employment for the CPT and to assist in pre-mission planning activities.
Input into DCO mission products such as pre-mission planning briefs, situation reports, post-mission documentation, after action reports, and lessons learned at the conclusion of events such as operations, exercises, and training.
Utilization of various threat intelligence sources to improve security posture and provide input into pre-mission product development.
Qualifications

Basic Qualifications:
Active/Current Top-Secret/SCI with polygraph
Minimum of a Bachelor's Degree from an accredited college or university
Ability to recognize suspicious activity/events and common attacker TTPs, and to perform logical analysis and research to determine the root cause and scope of incidents
In-depth knowledge of each phase of the Incident Response life cycle
5 years of related experience with BS/BA; 3 years with MS/MA; 0 years with PhD.

Preferred/Desired Qualifications:
IAT level III or CSSP Incident Responder certification with documented additional education, specialization, or certification in one of the technologies or tools listed below.
(JELC)
5 years of experience in 8 or more of the 13 below:

System Architecture
Network Engineering
Systems Engineering
Virtual Environments

Scripting
PowerShell
Python
RegEx

Forensics
Dead disk and memory interrogations
Malware analysis/reverse engineering

Additional Preferred Experience
SCADA Systems
Cloud Environments
Database Administration
Hunt Methodologies
SIEM Operations (Splunk/Security Onion)

    Peraton Overview

    Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy.

    As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure.

    Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets.

    Every day, our employees do the can't be done, solving the most daunting challenges facing our customers.
Target Salary Range $112,000 - $179,000. This represents the typical salary range for this position based on experience and other factors.